Rip out more refresh_token code

We might as well treat all refresh_tokens as invalid. Just return a 403 from /tokenrefresh, so that we don't have a load of dead, untestable code hanging around. Still TODO: removing the table from the schema.
author: Richard van der Hoff <richard@matrix.org> 2016-11-30 17:40:18 +0000
committer: Richard van der Hoff <richard@matrix.org> 2016-11-30 17:40:18 +0000
commit: aa09d6b8f0a8f3f006f08b8816b3f2a0fe7eb167 (patch)
tree: 2b63610291843d6b24c9baa44cb6f18e163357b3 /synapse/rest/client/v2_alpha/register.py
parent: Merge branch 'develop' into rav/no_more_refresh_tokens (diff)
download: synapse-aa09d6b8f0a8f3f006f08b8816b3f2a0fe7eb167.tar.xz
1 files changed, 0 insertions, 2 deletions
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py
index bc2ec95ddd..d5e6ec8b92 100644
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@@ -440,8 +440,6 @@ class RegisterRestServlet(RestServlet):
         access_token = self.auth_handler.generate_access_token(
             user_id, ["guest = true"]
         )
-        # XXX the "guest" caveat is not copied by /tokenrefresh. That's ok
-        # so long as we don't return a refresh_token here.
         defer.returnValue((200, {
             "user_id": user_id,
             "device_id": device_id,
author	Richard van der Hoff <richard@matrix.org>	2016-11-30 17:40:18 +0000
committer	Richard van der Hoff <richard@matrix.org>	2016-11-30 17:40:18 +0000
commit	aa09d6b8f0a8f3f006f08b8816b3f2a0fe7eb167 (patch)
tree	2b63610291843d6b24c9baa44cb6f18e163357b3 /synapse/rest/client/v2_alpha/register.py
parent	Merge branch 'develop' into rav/no_more_refresh_tokens (diff)
download	synapse-aa09d6b8f0a8f3f006f08b8816b3f2a0fe7eb167.tar.xz